357
Let's Encrypt Announces New-Certificate-Every-6-Days Offering
(letsencrypt.org)
This is a most excellent place for technology news and articles.
Im also not an expert but i believe since there Is still an ephemeral DH key exchange happening an attacker needs to actively MITM while having the certificate private key to decrypt the session. Passive capturing wont work